Devsecops With Sast, Sca, Dast Using Jenkins On Aws-Hands On

Implement DevSecOps by SAST, SCA, DAST using tools Sonar, Snyk, OWASP ZAP, and SonarQube within a Jenkins Pipeline

What you'll learn

Integrate SAST using Sonarcloud (SAAS) in DevSecOps

Integrate SAST using SonarQube in DevSecOps

Integrate SCA scan using Snyk in Jenkins Pipeline

Build, Scan & Push Docker Image to AWS ECR

Deploy the Application (Docker Image) to EKS Cluster

Configure and setup of AWS EKS Cluster

Integrate DAST Scan using ZAP tool in Jenkins pipeline

Implemente Continuous Integration and Continuous Deployment with Jenkins Pipeline.

Requirements

Any Scripting Language Knowledge

Prior IT experience would be necessary to learn this technology

Description

DevSecOps stands for development, security, and operations. It is an extension of the DevOps practice. This course will cover everything you need to know to get started and be successful in DevSecOps. It includes hands-on demos, walkthroughs, quizzes, and presentations. The course provides downloadable source code and links to all the tools and websites mentioned so that you can use them in your local environment and follow along at your own pace.Key topics covered are:Module 1: Introduction of DevsecOpsIntroduction of DevsecOpsModule 2: Overview of Maven ToolMaven Lifecycle: Default, Clean & SiteRepositories used in MavenLab - Build the Springboot package in AWS EnvironmentLab: Location of Artifacts & built package dependenciesLab: Exploring pom.xml fileLab: Access the package applicationLab: Exploring dependencies of a built packageLab: Build LifecycleLab: Lab: Create a Web Application Project Using Maven Module 3: Integrate SAST using Sonarcloud (Software as a Service - SaaS) in DevSecOpsOverview of SAST - Static Application Security TestingCreate a Jenkins ServerInstall Maven, git, Java, Jenkins etc.Configure JenkinsInstall suggested PluginsDashboard of JenkinsIntegrate Maven with JenkinsBuild the package -  Springboot Maven Micro ProjectConfigure Sonarcloud - cloud-based clean codeAdd a stage Compile and Run the Sonar Analysis in Jenkins PipelineGenerate Security Tokens from SonarcloudSonar Code Analysis on Vulnerable Project (Bugs, Security issues)Module 4: Integrate SAST using SonarQube in DevSecOpsCreate a SonarQube ServerRun Sonarqube ServiceAccess SonarQube Server via URLInstall SonarQube Scanner PluginsIntegrate SonarQube with JenkinsJenkins Pipeline - Sonar Quality Check 1Jenkins Pipeline - Sonar Quality Check 2Module 5: Integrate SCA scan using Snyk in Jenkins PipelineAbout Snyk tool and benefitsInstall a CI server - Jenkins ServerInstall apache maven on CI ServerAccess the CI Server - Jenkins ServerConfigure the Jenkins ServerCreate a admin user account on Jenkins ServerCreate an account on snyk toolAdd snyk-maven-plugin in pom.xmlRun SCA analysis using snykSCA analysis report using snykModule 6: Build, Scan & Push Docker Image to AWS ECRBuild, Scan & Push Docker Image (Application)  to AWS ECRModule 7: Deploy the Docker image to a server (Continuous Deployment)Module 8: Deploy the Application (Docker Image) to EKS ClusterSetup of AWS EKS ClusterCreate a Client to access EKS ClusterConfigure AWS CLI CredentialsCheck Cluster status using CLIUpdate kubeconfig fileInstall KubectlInstall EksctlTroubleshooting - invalid apiVersion errorCreate Node group for EKS ClusterCompute EKS ClusterAdd a new project in Jenkins PipelineCreate and attach a role to EKS ClientSetup sshagent in Jenkins pipelineCopy files from Jenkins server to EKS ClientCreate a secret keyTroubleshootingExecute the application manuallyAdd a stage to copy the pod deployment fileRun the final pipeline - complete CICDModule 9: Integrate DAST Scan using ZAP tool in Jenkins pipelineAbout ZAP toolAdd a stage in Jenkins PipelineInstallation of ZAP toolZAP commandAdd a stage to copy zap script in Jenkins PipelineAdd a stage of DAST using ZAP tool in Jenkins PipelineExecute the Jenkins job for DAST ScanAnalyze the console logs of Jenkins JobAccess the zap report using web pageDelete the running eks cluster

Overview

Section 1: Introduction

Lecture 1 Introduction

Section 2: Apache Maven Tool

Lecture 2 Introduction Maven Tool

Lecture 3 Maven - Build Lifecycles

Lecture 4 Types of Repositories

Lecture 5 Apache Maven Installation

Lecture 6 Clone the Spring Boot Project to Maven Server

Lecture 7 Validate and package the Source Code

Lecture 8 Lab - Explore pom.xml file

Lecture 9 Lab - Explore pom.xml file

Lecture 10 Lab: Access Spring Boot Application

Lecture 11 Lab: Investigating Dependencies of a Compiled Package

Lecture 12 Lab: Building the Lifecycle

Lecture 13 Lab : Deploy Springboot-webapplication

Section 3: Integrate SAST using Sonarcloud in DevSecOps

Lecture 14 Overview of SAST - Static Application Security Testing

Lecture 15 Create a Jenkins Server

Lecture 16 Install Maven, git, Java, Jenkins etc.

Lecture 17 Configure Jenkins

Lecture 18 Install suggested Plugins

Lecture 19 Dashboard of Jenkins

Lecture 20 Integrate Maven with Jenkins

Lecture 21 Checkout - Springboot Maven Micro Project

Lecture 22 Build the package - Springboot Maven Micro Project

Lecture 23 Configure Sonarcloud - cloud-based clean code

Lecture 24 Add a stage Compile and Run the Sonar Analysis in Jenkins Pipeline

Lecture 25 Generate Security Tokens from Sonarcloud

Lecture 26 Sonar Code Analysis on Vulnerable Project (Bugs, Security issues)

Section 4: Integrate SAST using SonarQube in DevSecOps

Lecture 27 Create a SonarQube Server

Lecture 28 Run Sonarqube Service

Lecture 29 Access SonarQube Server via URL

Lecture 30 Install SonarQube Scanner Plugins

Lecture 31 Integrate SonarQube with Jenkins

Lecture 32 Jenkins Pipeline - Sonar Quality Check 1

Lecture 33 Jenkins Pipeline - Sonar Quality Check 2

Section 5: Integrate SCA scan using Snyk in Jenkins Pipeline

Lecture 34 About Snyk tool and benefits

Lecture 35 Install a CI server - Jenkins Server

Lecture 36 Install apache maven on CI Server

Lecture 37 Access the CI Server - Jenkins Server

Lecture 38 Configure the Jenkins Server

Lecture 39 Create a admin user account on Jenkins Server

Lecture 40 Create an account on snyk tool

Lecture 41 Add snyk-maven-plugin in pom.xml

Lecture 42 Run SCA analysis using snyk

Lecture 43 SCA analysis report using snyk

Section 6: Build, Scan & Push Docker Image to AWS ECR

Lecture 44 Overview of the Project

Lecture 45 Lab - 1

Lecture 46 Lab - 2

Lecture 47 Lab - 3

Lecture 48 Lab - 4

Lecture 49 Lab - 5

Lecture 50 Lab - 6

Section 7: Deploy the Docker image to a server for continuous deployment

Lecture 51 Set up a server to deploy the Docker image

Lecture 52 Lab - 1

Lecture 53 Lab - 2

Lecture 54 Lab - 3

Lecture 55 Lab - 4

Section 8: Deploy the Application (Docker Image) to EKS Cluster

Lecture 56 Setup of AWS EKS Cluster

Lecture 57 Create a Client to access EKS Cluster

Lecture 58 Configure AWS CLI Credentials

Lecture 59 Check Cluster status using CLI

Lecture 60 Update kubeconfig file

Lecture 61 Install kubectl

Lecture 62 Install Eksctl

Lecture 63 Troubleshooting - invalid apiVersion error

Lecture 64 Create Node group for EKS Cluster

Lecture 65 Compute EKS Cluster

Lecture 66 Add a new project in Jenkins Pipeline

Lecture 67 Create and attach a role to EKS Client

Lecture 68 Setup sshagent in Jenkins pipeline

Lecture 69 Copy files from Jenkins server to EKS Client

Lecture 70 Create a secret key

Lecture 71 Troubleshooting

Lecture 72 Execute the application manually

Lecture 73 Add a stage to copy the pod deployment file

Lecture 74 Run the final pipeline - complete CICD

Section 9: Integrate DAST Scan using ZAP tool in Jenkins pipeline

Lecture 75 About ZAP tool

Lecture 76 Add a stage in Jenkins Pipeline

Lecture 77 Installation of ZAP tool

Lecture 78 ZAP command

Lecture 79 Add a stage to copy zap script in Jenkins Pipeline

Lecture 80 Add a stage of DAST using ZAP tool in Jenkins Pipeline

Lecture 81 Execute the Jenkins job for DAST Scan

Lecture 82 Analyze the console logs of Jenkins Job

Lecture 83 Access the zap report using web page

Lecture 84 Delete the running eks cluster

Lecture 85 Last lecture

IT Professionals,Solutions Architect,Software Testers,DevOps Engineer,Application Developers